Thank you for your
feedback!

Provide feedback on
this article

Description

By default, virus and spyware scans minimize the effect on your client computers' resources. You can change some scan settings to optimize the performance even more. Many of the tasks that are suggested here are useful in the environments that run Symantec Endpoint Protection in guest operating systems on virtual machines (VMs).

You can adjust the following options for scheduled and on-demand scans:

Change tuning options

You can change the scan tuning to Best Application Performance. When you configure a scan with this setting, scans can start but they only run when the client computer is idle. If you configure an Active Scan to run when new definitions arrive, the scan might not run for up to 15 minutes if the user is using the computer

Change the number of levels to scan compressed files

The default level is 3. You might want to change the level to 1 or 2 to reduce scan time.

For computers in your network that have large volumes, scheduled scans can be configured as resumable scans.

A scan duration option provides a specified period to run a scan. If the scan does not complete by the end of the specified duration, it resumes when the next scheduled scan period occurs. The scan resumes at the place where it stopped until the entire volume is scanned. Typically you use the scan duration option on servers.

Note:

Do not use a resumable scan if you suspect that the computer is infected. You should perform a full scan that runs until it scans the entire computer. You should also not use a resumable scan if a scan can complete before the specified interval.

In virtualized environments, where multiple virtual machines (VMs) are deployed, simultaneous scans create resource problems. For example, a single server might run 100 or more VMs. Simultaneous scans on those VMs drain resources on the server.

Shared Insight Cache eliminates the need to rescan the files that Symantec Endpoint Protection has determined are clean. You can use Shared Insight Cache for scheduled and manual scans on your client computers. Shared Insight Cache is a separate application that you install on a server or in a virtual environment.

The default is to scan all folder types. You can specify any of: Root, Home, Bin, Usr, Etc, and Opt. If you know that a folder is safe, you can uncheck it in the list.

Scan by file type

The default is to scan all files. If you know that a given extension is safe, you can remove it from the list.

Scan files inside compressed files

You can expand up to three levels to scan within compressed files. You might want to change the level to 1 or 2 to reduce scan time.

Scan for security risks

Lets you choose whether to scan for security risks. Security risks are updated through LiveUpdate. Scanning for security risks slows the scan down, but increases security. The default is to scan for security risks. To improve computer performance, uncheck this option.